#
# This role sets up the various packages and scripts needed for a infinote server
#



#
# make directory for nfs mounts to live in
#

- name: create an infinoted user
  user: name=infinote state=present home=/home/infinote createhome=yes shell=/sbin/nologin
  tags:
  - infinote
  - config

- name: Setup basic git config for infinote user
  copy: src=gitconfig dest=/home/infinote/.gitconfig
  tags:
  - infinote
  - config

- name: Setup basic apache config
  template: src=infinote.fedoraproject.org.conf dest=/etc/httpd/conf.d/infinote.fedoraproject.org.conf
  tags:
  - infinote
  - config

- name: Copy over SSLCertificateChainFile
  copy: >
    src={{private}}/files/httpd/wildcard-2014.fedoraproject.org.intermediate.cert
    dest=/etc/pki/tls/certs/
    owner=root
    group=root
    mode=0644
  notify:
  - reload httpd
  tags:
  - httpd
  - httpd/certificate
  - infinote
  - config

- name: Copy infinote.fedoraproject.org .cert
  copy: >
    src="{{private}}/files/httpd/infinote.fedoraproject.org.cert"
    dest=/etc/pki/tls/certs/infinote.fedoraproject.org.cert
    owner=root
    group=root
    mode=0644
  notify:
  - reload httpd
  tags:
  - httpd
  - httpd/certificate
  - infinote
  - config

- name: Copy infinote.fedoraproject.org .key
  copy: >
    src="{{private}}/files/httpd/infinote.fedoraproject.org.key"
    dest=/etc/pki/tls/private/infinote.fedoraproject.org.key
    owner=infinote
    group=apache
    mode=0640
  notify:
  - reload httpd
  tags:
  - httpd
  - httpd/certificate
  - infinote
  - config

- name: create /srv/web for web content
  file: dest=/srv/web state=directory mode=755 owner=infinote group=infinote
  tags:
  - infinote
  - config

- name: check the selinux context of /srv/web
  command: matchpathcon /srv/web
  register: webdir
  check_mode: no
  changed_when: "1 != 1"
  tags:
  - infinote
  - config
  - selinux
  - httpd
  - httpd/website

- name: /srv/web selinux context
  command: semanage fcontext -a -t git_content_t "/srv/web(/.*)?"
  when: webdir.stdout.find('git_content_t') == -1
  tags:
  - infinote
  - config
  - selinux
  - httpd
  - httpd/website

- name: create /srv/infinote for infinote content
  file: dest=/srv/infinote state=directory mode=755 owner=infinote group=infinote
  tags:
  - infinote
  - config

- name: install packages needed
  package: name={{ item }} state=present
  with_items:
  - infinoted
  tags:
  - infinote
  - config

- name: add systemd unit file to start infinote daemon
  copy: src=infinoted.service dest=/etc/systemd/system/infinoted.service
  notify: reload systemd
  tags:
  - infinote
  - config

- name: enable infinoted
  service: name=infinoted state=started enabled=true
  tags:
  - infinote
  - config

- name: add config file for infinoted
  template: src=infinoted.conf dest=/etc/xdg/infinoted.conf
  notify: restart infinoted
  tags:
  - infinote
  - config

- name: add git commit script for infinote
  copy: src=infinoted-git-commit dest=/usr/local/bin/infinoted-git-commit mode=0755
  tags:
  - infinote
  - config
